Security & compliance

Your inbox contains some of your most sensitive business data. We treat it that way. InboxPilot is built on enterprise-grade security practices, maintains key compliance certifications, and gives you full control over your data at all times

Data protection

Enterprise-grade encryption protects your data at every stage – in transit and at rest.

🔑 AES-256 encryption at rest
🔑 TLS 1.3 encryption in transit
🔑 Daily encrypted backups
🔑 90-day audit logs

Compliance

Compliant with major global data protection regulations and independently certified.
‍
🔑 SOC 2 Type II certified
🔑 GDPR compliant
🔑 CCPA / CPRA compliant
🔑 CASA certified by Google

Privacy first

Your data is yours. We access only what's needed to provide the service – nothing more.

🔑 Your data is never sold or shared
🔑 Not used to train AI models
🔑 No cross-customer data sharing
🔑 You can delete your data anytime

Certifications & standarts

InboxPilot meets rigorous security and compliance standards — independently assessed and verified.

Built so only the right people can access your data

InboxPilot connects to your inbox using OAuth 2.0 – the same secure standard used by Google and Microsoft. We never store your email password. Access is encrypted, monitored, and logged at all times. Administrative access requires multi-factor authentication, and all user permissions follow a least-privilege model so no one can access more than their role requires.

OAuth 2.0 – no passwords stored

Multi-factor authentication (MFA) required for all admin access

Role-based access control (RBAC) with least privilege

Single sign-on (SSO) for Enterprise users

All access monitored and audit logged

24/7 real-time security monitoring

Under 1 hour incident response time, tested quarterly

Client-level data segregation – your data is isolated from other customers

We only access what we need, nothing else

InboxPilot connects to your inbox to read incoming emails and generate drafts. That's it. We don't store your email content beyond what's needed to deliver the service. We don't use your data to train AI models – ours or anyone else's. When you send data to third-party AI services like OpenAI to generate a draft, it's processed temporarily and not retained for training purposes. We have contractual agreements in place with all AI providers to enforce this.

Email content not stored beyond service delivery

Never used to train third-party AI models

Minimum necessary data sent to AI services

Contractual protections with all AI providers

Private knowledge base — isolated per customer

No cross-customer learning or data sharing

Data automatically deleted on account cancellation

You remain the sole owner of your data at all times

Data Processing Addendum (DPA)

Review our DPA for GDPR, CCPA, and other compliance requirements.

View DPA →

Learn how we collect, use, and protect your personal information.

View Privacy Policy →

Review our terms and conditions for using InboxPilot services.

View Terms →

Security Measures

Detailed information about our security infrastructure and practices.

Learn More →

Infrastructure

Hosted on Google Cloud Platform

InboxPilot runs on Google Cloud Platform (GCP) – one of the most secure and compliant cloud infrastructure providers in the world. GCP data centers are built to Tier III or higher specifications with robust redundancy and uptime resilience. This means InboxPilot benefits from globally recognized security certifications including ISO/IEC 27001, SOC 1/2/3, PCI DSS, and HIPAA compliance at the infrastructure level.

Our own security practices build on top of this foundation:
🔑 Daily encrypted backups with 30-day retention
🔑 Network firewalls and intrusion detection systems
🔑 Regular penetration testing and vulnerability scanning
🔑 Annual security training for all personnel with data access
🔑 Comprehensive audit logging with 90-day retention

Questions? 
We’re glad you asked.

What exactly does InboxPilot do?

InboxPilot is an AI email agent that automates triage, labeling, and draft generation for Gmail and Outlook. It acts as an autonomous co-pilot to execute natural language workflows, draft brand-aligned replies, and filter out workspace noise.
‍
VS

InboxPilot is an AI email automation tool for teams that need to do more than just reply faster. It connects to your inbox and automatically drafts responses, routes emails, updates your CRM, creates tickets, notifies teammates, and organizes your inbox — all triggered by incoming emails. It works with Gmail and Outlook and integrates with Salesforce, HubSpot, Zendesk, Slack, Notion, Shopify, and more.

Draft Mode	Drops contextual, brand-aligned replies directly into your email thread for manual review.	Human Review Required
Auto-Send	Automates background replies instantly for low-stakes, routine message categories you define.	100% Autonomous AI
Workflows	Runs plain-English commands like "forward invoices to accounting" or "trash cold sales pitches."	Inbox Hygiene & Ops

Can I test my AI email workflows safely before activating them live?

Yes, InboxPilot includes an isolated Playground testing environment built into the platform dashboard. This sandbox lets you paste sample emails, mock scenarios, and preview exactly how the AI will tag, route, or reply to a thread without altering real messages or sending accidental live responses to customers.

How does InboxPilot use custom documentation and email templates to reply?

InboxPilot pulls directly from your uploaded FAQs, internal policy sheets, and historical threads stored inside your Knowledge Center. Additionally, it features snippet retention: you write an email template once for a repetitive question, and the AI accurately deploys that contextual framing whenever it detects matching user intent.

Does the email automation tool learn from manual edits and human feedback?

Yes, InboxPilot features a continuous machine learning feedback loop powered by direct human interactions. Every time a teammate gives a draft a thumbs up/down or writes a brief adjustment note, the system immediately tracks the variance to refine its underlying logic and improve future reply accuracy.

Can InboxPilot automate workflows across multiple shared team inboxes?

InboxPilot is built natively for multi-user collaboration and shared spaces including sales, operations, support, and recruiting teams. It unifies high-volume inboxes under centralized, plain-English business rules, ensuring that distinct departments remain entirely aligned with your corporate guidelines and brand guidelines.

Can I save and reuse traditional email templates for recurring questions?

Yes! InboxPilot memorizes your custom email templates and automatically deploys them when it detects matching user intent.
‍
- Dynamic Variables: Automatically inserts names, dates, or order numbers instead of raw copy-pasting.

- Hybrid AI Generation: Blends the reliability of standard email macros with conversational AI to fit the exact context.

Does InboxPilot get smarter over time?

Yes. When you edit an AI draft — correcting a fact or adjusting phrasing — InboxPilot automatically learns from the change and applies it to future replies. Every correction makes the AI more accurate for your specific business.

You have been doing it manually for too long

Connect your Gmail or Outlook inbox in one click, train InboxPilot on your business data, and start receiving replies that sound exactly like you – ready to send or sent automatically.

Start for Free

Book a demo

No credit card required. Setup in 2 minutes.